You’re a financial institution, and you have been tasked with making sure your department is prepared to mitigate potential cybersecurity threats as defined by the Federal Financial Institutions Examination Council’s (FFIEC) Cybersecurity Framework. The process of understanding your current preparedness and your target future preparedness for different cybersecurity threats can be a daunting task. Without a consistent and repeatable process for defining your preparedness it can be difficult to understand if the changes you have made had an impact on your risks.
The Archer FFIEC-Aligned CSF app-pack allows you to identify your inherent risks and cybersecurity maturity before and after controls have been implemented. Taking the guess work out of how much of an impact your controls had on your cybersecurity risks. Archer FFIEC-Aligned CSF enables you to:
Prioritize and Scope the organization's business objectives and priorities.
Orient the overall program scope to the systems, assets, regulatory requirements, and risk approach that will enable the organization to identify threats and vulnerabilities to those systems.
Create an Inherent Risk Profile identifying the organization's inherent risk before implementing controls.
Risk Assess the operational environment to discern the likelihood of a cybersecurity event and the impact that event would have on the organization.
Identify a Target Profile that focuses on the assessment categories that describe the organization's desired cybersecurity outcomes.
Analyze comparing the Current Profile to the Target Profile to determine gaps.
Implement an Action Plan to identify which steps to take to remediate the gaps focusing on standards, guidelines, and practices that work best for the organization's needs
This app-pack provides the following:
Common language to communicate requirements and progress among stakeholders (internal, partners, contractors, suppliers).
Method for organizations to understand how they fit into the larger cybersecurity ecosystem.
Regardless of organizational size or cybersecurity sophistication, organizations can apply the NIST CSF principles and FFIEC best practices of risk management to improve cybersecurity and resiliency of their critical infrastructure.
Interested in learning more about the Archer FFIEC-Aligned CSF app-pack? Join us for a Free Friday Tech Huddle on May20, 2022, for an overview and live demo. Free Friday Tech Huddles are only available to Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.archerirm.com.